You are on page 1of 6

BT0088 - Cryptography and Network Security

Question 1 - Define attack and explain the types of Threats.

The Internet continues to grow exponentially. Personal, government, and business
applications continue to multiply on the Internet, with immediate benefits to end users.
However, these network-based applications and services can pose security risks to
individuals and to the information resources of companies and governments. Information is
an asset that must be protected. Without adequate network security, many individuals,
businesses, and governments risk losing that asset is called attack.

Types of Threats
 Interception: This type of threat occurs when an unauthorized party (outsider) has
gained access. The outside party can be a person, a program, or a computing
system. Examples of this type of failure are illicit copying of program or data files, or
wiretapping to obtain data in a network. Although a loss may be discovered fairly
quickly, a silent interceptor may leave no traces by which the interception can be
readily detected. When an unauthorized party modifies or corrupts the asset, the
threat is a modification. For example, someone might change the values in a
database, alter a program so that it performs an additional computation. It is even
possible to modify hardware. Only some cases are detected easily using simple
measures, but others are almost impossible to detect.

 Interruption: This occurs when an asset of the system becomes lost, unavailable, or
unusable. An example is the malicious destruction of a hardware device, erasure of a
program or data file, or malfunction of an operating system file manager so that it
cannot find a particular disk file. The useful means of classifying security attacks is in
terms of passive attacks and active attacks. A passive attack attempts to learn or
make use of information from the system but does not affect the system resources.
An active attack attempts to alter system resources or affect their operation.

1

Any action that compromises the security of information owned by an organization is called security attack. For example. Each of these assets offers value to different members of the community affected by the system. we analyze a system from a security perspective.Question 2 . we can identify data whose format or contents should be protected in some way. and trojan horses. 2 . We want our security system to make sure that no data is disclosed to an unauthorized parties.e. A process whereby a person compromises your computer by installing harmful malicious software in your computer without your knowledge. Computer-based system has three interrelated and valuable components namely. making your computer to function abnormally. To analyze security. software. i. These malicious software includes viruses.What is security attack? Explain with examples. you improve the system's design so that the system can withstand any of the problems you have identified. spying on your online surfing habits. Neither do we want the data being modified in illegitimate ways nor do we want the illegitimate users to access the data. These software often deletes certain vital files on your computer. or cause them to be executed. hardware. thinking about the ways in which the system's security can malfunction and diminish the value of its assets. spywares. we can brainstorm about the ways in which the system or its information can experience some kind of loss or harm. In the same way. Then. one of your jobs is to imagine how the system could malfunction. When you test any computer system. adwares. Those who execute such actions. are called attackers or opponents. and cause advertisements to pop up on your screen when you are online. and data. By this we identify weaknesses of a system.

Question 3 . Principle 4 acknowledges that humans make errors in their use of enciphering algorithms.  The amount of secrecy needed should determine the amount of labor appropriate for the encryption and decryption. yet it gives the cryptanalyst more data from which to infer a pattern. For instance. The idea behind principle 5 is that a ciphertext that expands dramatically size cannot possibly carry more information than the plaintext.Explain different characteristics that identify a good encryption technique. and remembered. Furthermore. 3 . One error early in the process should not throw off the entire remaining ciphertext. a longer ciphertext implies more space for storage and more time to communicate. algorithms far too complex for hand implementation became feasible. Still. Furthermore.  Errors in ciphering should not propagate and cause corruption of further information in the message. This principle implies that we should restrict neither the choice of keys nor the types of plaintext on which the algorithm can work. With the development and popularity of digital computers. Several characteristics that identify a good Encryption technique. And a complex algorithm is more likely to be programmed incorrectly. it would be difficult to select keys such that the sum of the values of the letters of the key is a prime number. an algorithm that works only on plaintext having an equal number of As and Es is useless. Similarly. Principle 1 is a reiteration of the principle of timeliness and of the earlier observation that even a simple cipher may be strong enough to deter the casual interceptor or to hold off any interceptor for a short time. stored. the issue of complexity is important. Restrictions such as these make the use of the encipherment prohibitively complex. so it must be short. the key must be transmitted. People will avoid an encryption algorithm whose implementation process severely hinders message transmission. it will not be used.  The size of the original message and that of enciphered text should be at most same.  The enciphering algorithm and set of keys used should be less complex. Principle 3 was formulated with hand implementation in mind: A complicated algorithm is prone to error or likely to be forgotten. thereby undermining security.  The implementation of the process should be as simple as possible. If the process is too complex.

In the columnar transposition. If that is the case. but it also leads to a problem: key distribution. Key distribution is the major difficulty in using symmetric encryption. Once the receiver has successfully recalibrated the key with the ciphertext. and the control information of the encipherment algorithm. Block ciphers work on blocks of plaintext and produce blocks of ciphertext. the number of keys needed increases at a rate proportional to the square of the number of users! So a property of symmetric encryption systems is that they require a means of key distribution. Authenticity is ensured because only the legitimate sender can produce a message that will decrypt properly with the shared key. such as skipping a character in the key during encryption. and then all following characters will be wrong. As long as the key remains secret. (The exception is the columnar transposition cipher. Some kinds of errors. the current one being converted is IH. If A wants to share encrypted communication with another user C. In other words. the key. as shown in figure 3.2. In this figure. 4 . Stream encryption algorithm convert one symbol of plaintext immediately into a symbol of ciphertext. proof that a message received was not fabricated by someone other than the declared sender. They provide a two- way channel to their users: A and B share a secret key. In general. Usually. the receiver may be able to recover from the error by dropping a character of the key on the receiving end. A and C need a different shared key.Question 4 . such errors can sometimes be recognized during decryption because the plaintext will be properly recovered up to a point. The symmetry of this situation is a major advantage of this type of encryption. Symmetric algorithms use one key. the central box represents an encryption machine: The previous plaintext pair is converted to po. affect the encryption of all future characters. Based on Block Block based encryption system is classified as stream and block encryption system. the entire message is translated as one block. there will be no further effects from this error.Compare Symmetric and Asymmetric Encryption Systems. the Caesar cipher with a shift of 3 uses the encryption algorithm "substitute the character three letters later in the alphabet" with the decryption "substitute the character three letters earlier in the alphabet. n users who want to communicate in pairs need n * (n – 1)/2 keys. The block size need not have any particular relationship to the size of a character. the system also provides authentication. How do A and B obtain their shared secret key? And only A and B can use that key for their encrypted communications.") The symmetric system means both encryption and the decryption are performed using the same key. (For example. which works for both encryption and decryption.) The transformation depends only on the symbol. However. the decryption algorithm is closely related to the encryption one. Based on Key We have two types of encryptions based on keys they are symmetric (also called "secret key") and asymmetric (also called "public key"). and they can both encrypt information to send to the other as well as decrypt information from the other. and the machine is soon to convert ES.

e. so it is suitable for implementation in software on most current computers. The Data Encryption algorithm is a combination of both substitution as well as transposition technique. the algorithm is repetitive. The strength of DES technique is improved when it uses both the techniques together. DES uses only standard arithmetic and logical operations on numbers up to 64 bits long. The sheer complexity of tracing a single bit through 16 iterations of substitutions and transpositions has so far stopped researchers in the public from identifying more than a handful of general properties of the algorithm.Give the Overview of DES Algorithm. It uses both the technique repeatedly i.) The user can change the key at will any time there is uncertainty about the security of the old key. one on the top of other for a total of 16 cycles. but in fact it can be any 56-bit number. The algorithm begins by encrypting the plaintext as blocks of 64 bits. Although complex.. (The extra 8 bits are often used as check digits and do not affect encryption in normal implementations.Question 5 . making it suitable for implementation on a single-purpose chip. The key is 64 bits long. 5 .

She enciphers the message with her private key and sends it to Bob. In addition to confidentiality." Using the representation above. Example: Suppose Alice wishes to send Bob the message "HELLO WORLD" in such a way that Bob will be sure that Alice sent it. n). 16. and 20. Bob wants to send Alice the message "HELLO WORLD. and the private key is d. 11. anyone can read it. Then: c = me mod n and m = cd mod n. Choose two large prime numbers p and q. each plaintext character is represented by a number between 00 (A) and 25 (Z).. 1. the plaintext is represented as 07 04 11 11 14 26 22 14 17 11 03. Example: Let n = 10. Then n = 77 and Ø(n) = 60. Using Alice's private key. 2. RSA is an exponentiation cipher.Question 6 . The totient Ø(n) of n is the number of numbers less than n with no factors in common with n. 4. if n = 21. and 9. 0317 mod 77 = 75 or 28 16 44 44 42 38 22 42 19 44 75. 6 . the ciphertext is 0717 mod 77 = 28 0417 mod 77 = 16 1117 mod 77 = 44 . Choose an integer e < n that is relatively prime to Ø(n). 2. 5. 8. the numbers that are relatively prime to n are 1. 13. As indicated above. 0353 mod 77 = 05 or 35 09 44 44 93 12 24 94 04 05. 19. In this cryptosystem. but if anyone alters it. the plaintext is 07 04 11 11 14 26 22 14 17 11 03. You have to follow the following two steps. 7. Find a second integer d such that ed mod Ø(n) = 1. 10. the (altered) ciphertext cannot be deciphered correctly. 17. Using Alice's public key. Hence. Alice chooses e = 17. So Ø(21) = 12. the ciphertext is 0753 mod 77 = 35 0453 mod 77 = 09 1153 mod 77 = 44 . The numbers that are less than 10 and are relatively prime to (have no factors in common with) n are 1. RSA can provide data and origin authentication.. The public key is (e. so her private key is d = 53. Example: Let p = 7 and q = 11.. Similarly. and let n = pq.. 3. If Alice enciphers her message using her private key.Explain RSA technique with an example. 26 represents a blank. Let m be a message. Ø (10) = 4.